At a Glance
- Tasks: Join us to embed security in the software development lifecycle and conduct vital security assessments.
- Company: Be part of a forward-thinking tech company dedicated to secure application development.
- Benefits: Enjoy flexible working options, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact by protecting applications and educating teams on security best practices.
- Qualifications: 5+ years in application security with strong coding knowledge and hands-on experience in security tools.
- Other info: Ideal for those passionate about security and eager to work in a collaborative environment.
The predicted salary is between £48,000 and £72,000 per year.
The Role
- Embed security best practices within the SDLC, collaborating with developers to ensure secure coding.
- Conduct security assessments, identify potential threats, and mitigate risks in web and mobile applications.
- Perform application security testing (SAST, DAST) and manual security code reviews.
- Implement and manage security tools such as SAST, DAST, SCA, and CI/CD security integrations.
- Investigate security incidents, prioritise remediation and guide teams on secure development practices.
- Ensure applications meet industry standards (OWASP Top 10, NIST, ISO 27001) and regulatory requirements (GDPR, PCI-DSS, etc.).
- Educate engineers and stakeholders on security threats, vulnerabilities and secure coding practices.
Skills
- 5+ years of experience in application security, penetration testing, or software security engineering.
- Strong knowledge of secure coding principles in one or more languages (e.g., Python, Java, JavaScript, Go, .NET).
- Hands-on experience with SAST, DAST, SCA and security automation in CI/CD pipelines.
- Familiarity with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).
- Knowledge of OWASP Top 10, CWE, CVSS, MITRE ATT&CK and NIST frameworks.
- Experience conducting threat modelling, code reviews and penetration testing.
- Excellent communication skills with the ability to influence and educate development teams.
- Security certifications such as CISSP, OSCP, GWAPT, CEH or CSSLP are a plus.
- Experience with Infrastructure-as-Code security (Terraform, CloudFormation) is desirable.
- Knowledge of API security best practices and standards (OAuth, JWT, OpenID) is desirable.
- Familiarity with DevSecOps principles and security automation in CI/CD pipelines is desirable.
Senior Application Security Engineer employer: RiverSafe
Contact Detail:
RiverSafe Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Senior Application Security Engineer role
✨Tip Number 1
Familiarise yourself with the latest security tools and frameworks mentioned in the job description, such as SAST, DAST, and OWASP Top 10. Being able to discuss these tools and how you've used them in past roles will show your expertise and readiness for the position.
✨Tip Number 2
Network with professionals in the application security field, especially those who have experience with cloud security and container security. Engaging in discussions or attending relevant meetups can provide insights and potentially lead to referrals.
✨Tip Number 3
Prepare to demonstrate your hands-on experience with secure coding practices during interviews. Be ready to share specific examples of how you've implemented security measures in your previous projects, particularly in languages like Python or Java.
✨Tip Number 4
Stay updated on the latest trends and threats in application security. Being knowledgeable about current vulnerabilities and how they relate to the frameworks mentioned (like NIST and GDPR) will help you stand out as a candidate who is proactive and informed.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience in application security, penetration testing, and secure coding principles. Use specific examples that demonstrate your hands-on experience with SAST, DAST, and CI/CD security integrations.
Craft a Strong Cover Letter: In your cover letter, emphasise your ability to embed security best practices within the SDLC. Mention your familiarity with industry standards like OWASP Top 10 and regulatory requirements such as GDPR and PCI-DSS.
Showcase Relevant Skills: Clearly list your technical skills related to application security, including programming languages you are proficient in (e.g., Python, Java). Highlight any security certifications you hold, as these can set you apart from other candidates.
Prepare for Technical Questions: Be ready to discuss your experience with security tools and frameworks during the interview process. Prepare examples of how you've conducted threat modelling, code reviews, and penetration testing in previous roles.
How to prepare for a job interview at RiverSafe
✨Showcase Your Technical Expertise
Be prepared to discuss your hands-on experience with SAST, DAST, and security automation in CI/CD pipelines. Highlight specific projects where you implemented security tools and how they improved the overall security posture.
✨Demonstrate Secure Coding Knowledge
Familiarise yourself with secure coding principles in languages relevant to the role, such as Python or Java. Be ready to explain how you've applied these principles in past projects and how you can educate others on them.
✨Discuss Threat Modelling Experience
Prepare to talk about your experience with threat modelling and penetration testing. Share examples of how you've identified potential threats and mitigated risks in web and mobile applications.
✨Communicate Effectively
Since excellent communication skills are crucial for this role, practice explaining complex security concepts in simple terms. Be ready to discuss how you've influenced and educated development teams on security best practices.